The President's Phone OPSEC Continues To Be, Well, Crap

from the ill-communication dept

By now the President’s unwillingness to adhere to anything close to reasonable security when using his mobile phones has been made pretty clear. Whereas the Defense Information Systems Agency (DISA) and the NSA usually work in concert providing state leaders with “hardened” devices that are heavily encrypted, routinely updated, and frequently swapped out, Trump has refused to use these more secure DMCC-S devices (effectively a Samsung Galaxy S4 device utilizing Samsung’s Knox security architecture), because it might infringe on his ability to Tweet.

Past reports have suggested that security advisors have at least convinced him to use two iPhones: one locked down specifically for Twitter, and the other specifically tasked with making phone calls. But as a new report this week from the New York Times makes clear, Trump’s lax phone security is being pretty routinely taken advatage of by foreign intelligence agencies:

“When President Trump calls old friends on one of his iPhones to gossip, gripe or solicit their latest take on how he is doing, American intelligence reports indicate that Chinese spies are often listening ? and putting to use invaluable insights into how to best work the president and affect administration policy, current and former American officials said.”

Senators sent a letter to Trump back in April expressing concern at his abysmal operational security, but that message still hasn’t gotten through to the aggressively cocksure President, according to the Times report:

“Mr. Trump?s aides have repeatedly warned him that his cellphone calls are not secure, and they have told him that Russian spies are routinely eavesdropping on the calls, as well. But aides say the voluble president, who has been pressured into using his secure White House landline more often these days, has still refused to give up his iPhones. White House officials say they can only hope he refrains from discussing classified information when he is on them.”

The Times quotes numerous anonymous experts who say their claims come from sources in these foreign governments. And while the Times story doesn’t get technical about how foreign intelligence agencies are tapping into the calls, many surmise they’re exploiting, among other things, the cellular network Signaling System 7 (SS7, or Common Channel Signalling System 7 in the US) flaw that the industry has been refusing to fix for the better part of the last decade. The flaw can be exploited to track user location, dodge encryption, and even record private conversations if strict countermeasures aren’t adhered to.

That said, security experts were quick to point out there’s an ocean of ways that foreign intelligence agencies could be intercepting Trump’s calls in transit via passive decryption as the calls travel between the phone and cellular tower:

Of course intel agencies could also be targeting his most-commonly called individuals on the other end. As is his way, the President was quick to issue a Tweet insisting the entire story was false…while using his iPhone:

To let Trump’s ego dictate his security practices is obviously still problematic, potentially even to the point of putting lives at risk. It’s also incredibly ironic given all the time Trump spends complaining about potential Chinese spying habits, including the Trump-driven blacklist of all Huawei products in the United States. It’s a blackballing that’s not based on much in the way of evidence, but is certainly appreciated in a protectionist capacity by the U.S. networking and cell phone vendors who didn’t want to have to compete with cheaper Chinese gear. Huawei, for its part, was quick to make light of the report:

Trump’s phone habits continues to be a giant middle finger toward transparency (like adhering to the Presidential Records Act) and fundamental opsec, but neither Trump nor the adults tasked with his daily supervision appear to much care.

Filed Under: , , , , , , , ,

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “The President's Phone OPSEC Continues To Be, Well, Crap”

Subscribe: RSS Leave a comment
James Burkhardt (profile) says:

Re: How are they eavesdropping?

Read the goddamn article and its sources.

The SS7 vulnerability and passive tower decryption, both of which would allow you to access the content of communications are possibilities, listed as 2 of at least 4 possible vulnerabilities that he could be vulnerable to if using a poorly secured line.

James Burkhardt (profile) says:

Re: Re: Re: How are they eavesdropping?

There are countermeasures that can be taken. I don’t know the full details, but a secure phone can handle passive decryption by handling the transmission in different ways that are hard to crack, and if used in the appropriate fashion can avoid being vulnerable to SS7 Hijacking.

Chuck says:

Re: Re: Re:2 How are they eavesdropping?

Just a guess here, but simply linking the hardened phone back to a single known landline point with the encryption keys on it would solve this. i.e. there’d be a server at the NSA/FBI/CIA/etc that the “hardened phone” would route 100% of its communications through. I’m not sure how you could force anything on the PSTN network to do that, but for data you just have a custom data AP, and you could always use SIP or some other VOIP for phone calls instead of a traditional PSTN/GSM phone.

tl;dr probably just a fancy government VPN, basically.

That said, there’s no reason Trump couldn’t have a secured/hardened phone and then either A) have them add in a firewall exception for Twitter just for his phone or B) just carry a small unsecured tablet (preferably with the microphone removed) for Twitter purposes.

Or, yanno, our President could just grow the f*ck up and let a staffer handle the tweets like the last adult to occupy that office did. But who am I kidding?!

James Burkhardt (profile) says:

Re: Nothing changes....

No. But the blackberry was noted to be secure for its limited purposes, specially made to that end and everything we have heard is that Obama held to the restrictions placed on its use, and understood the device’s limitations. Later in his tenure, He actually wanted to upgrade to a newer phone like an iphone, but couldn’t for security, and so chose to keep his blackberry than shift to the similarly old DMCC-S devices, accepting the expert’s lines on security issues.

Techdirt criticizes Trump not just for having devices (ignoring the security experts), but for his poor opsec in handling them, disregarding the limitations of the device’s intended use and regularly communicating classified info or info intended to be kept secure.

Anonymous Coward says:

Re: Re: Nothing changes....

Eh. Just like debt, states rights, the economy, “running government like a business”, limiting spending, individualism, caring for the middle class, education, support for vets, security, and hundreds of other promises – everything gets immediately forgotten the second the vote totals are counted.

Just like clockwork, they will care intensely and extremely loudly again the second their opponent has a lapse in security. then handwave all of Trump’s issues as ancient history and not worth talking about.

That One Guy (profile) says:

"But I don't wanna!"

The fact that we’re talking about the gorram president of the united states acting like a child in refusing to use a specifically secured phone for use, insisting instead that he absolutely must have a phone he can tweet with just baffles the mind, even if it is entirely within character for him.

Nice to him to faceplant in his rebuttal though to provide at last some mitigating humor. ‘They got things wrong, but I can’t be bothered to point out what‘ translates pretty much directly to ‘I have absolutely nothing to rebut them, so instead I’ll try to act superior and dismiss them with absolutely nothing to support my claim.’

DiscontentedMajority (profile) says:

Re: "But I don't wanna!"

From A CNBC interveiw with Obama:

HARWOOD: Speaking of trying to avoid the dangers of the bubble, you still got one of these in your pocket?

Pres.-elect OBAMA: You know, I actually took it out as a consequence of this interview, but I’m still clinging to my BlackBerry. They’re going to pry it out of my hands.

HARWOOD: Well, are you, in fact, going to overcome this idea as anachronistic that presidents can’t use the most modern…

Pres.-elect OBAMA: Well, here’s what I think I can get. I think I’m going to be able to get access to a computer somewhere. It may not be right in the Oval Office. The second thing I’m hoping to do is to see if there’s someway that we can arrange for me to continue to have access to a BlackBerry. I know that…

RE Peters says:

Re: "But I don't wanna!"

The fact that we’re talking about the gorram president of the united states acting like a child in refusing to use a specifically secured phone for use

NO, YOU are taking the NYT as absolute Truth like every netwit does when attacks Trump. Story unlikely on the surface, and the targetting is clear. You are being played at best.

Suddenly you’re for absolute "secrecy" too! Rest of the time you netwits try to "expose" Trump or Pai by demanding every last detail of what they’re doing every second of the day!


RE Peters says:

More New York Times fabrication eagerly repeated.

Let’s not forget the NYT running for months the FAKE NEWS of Trump-Russia collusion. It’s The Establishment Organ. They couldn’t even find a bit of doubt in the "Iraq has WMD" story, with their own reporter stenographing Cheney’s lies. Less than zero credibility, only useful to see what The Deep State is trying.

The Times quotes numerous anonymous experts who say their claims come from sources in these foreign governments.

That means simply ALLEGED are numerous and experts claiming FOREIGN sources who’d have an interest in undermining Trump — as indeed does the NYT.

And while the Times story doesn’t get technical about how foreign intelligence agencies are tapping into the calls,

No details are key point of all FAKE NEWS — like the lying about Kavanaugh. This is unlikely at best without hardware. The software method is sure to leave large footprints all over, and is only useable in practice by NSA which doesn’t have to watch those.

It’s certain the NSA is monitoring Trump, AND that this "news" has ONLY that germ of Truth, with the back story concocted to attack Trump.

And who cares whether Trump does this? I’m for EVERY official action of EVERY politician being ENTIRELY public. We need to outlaw backroom deals and surveil politicians to more than they can bear, so get OUT of gov’t!

And is this truly the most important story you can run here at mighty Techdirt? Where’s The Maz when today’s big STORY is "Trump is causing bombs to be sent"? Not going to pick up that fake news too, or is Masnick busy writing that so Bode had to write this silly filler?

Anonymous Coward says:

Re: More New York Times fabrication eagerly repeated. much to dissect from this post.

What I immediately noticed due to it being all capitalized is the word ALLEGED. You wouldn’t have capitalized it if you didn’t want it noticed.

Now that word is important to you. When it comes to Trump or say, a Supreme Court "justice" who can’t get laid without forcing himself on women. Allegedly.

But let me ask you, is it important to the dim-witted simpletons yelling "lock her up" like trained chimps who just learned how to get a treat by hitting the big button?

Or maybe when he yells out "who’s gonna pay for the wall?" and the tards go "Mexico!" There’s an implied "allegedly" there, I’m sure.

No. That word wasn’t important then. But dammit, it’s important now. You found that word like Trump finds his penis – accidentally.

What’s a simple person like yourself to think about this story? It must be bullshit, right? He appeals to you. More importantly, the fact that he’s a dipshit appeals to you. You can relate to that, amirite?

A simple common man for all the simple people like you. Doing simple things with simple tools.
Using simple words and short sentences.

Sure, tell yourself that he knows what he’s doing. That his tweeting like a 12-year old with ADD is that important – national security be damned. And if it’s found that he’s blabbering like an idiot and the Russians and Chinese are listening? So what? No better way to own the libs than to help the Russians and Chinese elect your guy. After all, some of you would rather be Russian than democrat.

He’s just gotta tweet dammit! Because you can relate to that. Sentences longer than 288 characters are hard to process and hurt your brains. And brain hurt is bad.

Add Your Comment

Your email address will not be published.

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...